Extend Active Directory Schema

Since there is an issue with using the Configure Active Directory option, we have to perform a workaround.

The reason is the way the security of Windows 2008 is configured.

The workaround is to use the DPMADSchemaExtension tool, located in C:Program FilesMicrosoft System Center 2012DPMDPMEnd User Recovery. In order to run this tool logon to a domain controller map to the directory above and run DPMADSchemaExtension.exe.

Log onto a domain controller, and copy the DPMADSchemaExtension.exe tool from the DPM server to the domain controller. Right-click on the EXE and choose ‘Run as Administrator’.

On the following prompt, click Yes.

Enter Data Protection Manager Computer Name, note this is not the FQDN name of the server, but just the server name. Then press OK.

Enter Data Protection Manager Server domain name, note this will be the FQDN domain name so if your domain is yourdomain.local enter yourdomain.local. Then press OK.

Enter Protected Computer Domain Name. This field can be left blank if the DPM server is in the same domain as the Domain Controller that owns the Schema master role.

On this information dialog, press OK.

You may encounter the following prompt, especially if you are attempting this on Windows Server 2012. You will have to close this dialog, install .NET Framework 3.5 and then re-run the DPMADSchemaExtension.exe tool on the Domain Controller.

After having successfully installed .NET Framework 3.5, and re-running the DPMADSchemaExtension.exe tool, when it completes you should encounter this message. Press OK.

Log back into your DPM server, and open the Options window. On the End-User Recovery tab, you will notice that the ‘Configure Active Directory’ button is now disabled, and the ‘Enable End-User Recovery’ checkbox is available. Ensure that this checkbox is selected, and press OK.